Job Description
Job Description
About NDi:
Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas. Military Veterans Encouraged to Apply.
Job Description:
The Security/Compliance Manager will be responsible for overseeing security controls, compliance activities, and continuous monitoring to ensure VESEE systems meet VA cybersecurity, privacy, and regulatory requirements. This role provides governance and coordination across delivery teams, ensuring security controls are implemented, assessed, documented, and sustained in alignment with VA standards, FISMA, and ATO requirements.
Requirements:
- U.S Citizenship required.
- Must be able to obtain and maintain a Public Trust clearance
- This position is remote but may require occasional onsite meetings in McLean, VA.
- You can be based out of following states: AZ, DC, FL, GA, OH, ME, MD, SC, TX, UT, VA, NC, OK, WV.
Qualifications and Experience:
- Bachelor's Degree in Cybersecurity, Information Technology, Information Assurance, or a related field.
- At least 7 years of experience in security compliance, RMF, or federal cybersecurity roles.
- Strong experience with RMF control implementation and assessment.
- Experience managing ACAS vulnerability scanning and reporting.
- Experience with SCAP compliance checks and STIG application.
- Hands-on experience with eMASS documentation and POA&M management.
- Experience overseeing HBSS/ESS host security monitoring.
- Experience reviewing Nessus/Tenable plugin results and coordinating remediation.
- Experience supporting continuous monitoring aligned with FISMA and ATO requirements.
- Experience managing audit log retention and review across Oracle DB, Oracle WebLogic, and Kubernetes platforms.
- Experience enforcing privilege and access control alignment with VA baseline standards.
- Strong organizational, analytical, and communication skills.
- Ability to lead cross-functional teams and manage multiple compliance priorities.
Preferred Qualifications:
- Experience supporting VA systems or other federal agency environments.
- Experience managing security compliance across large, multi-team delivery programs.
- Relevant certifications such as CISSP, CISM, or equivalent federal cybersecurity certifications
Responsibilities
Security Governance and Oversight:
- Oversee implementation and maintenance of security controls across VESEE systems and environments.
- Ensure alignment of security practices with VA cybersecurity, privacy, and regulatory requirements.
RMF and Compliance Management:
- Lead RMF control implementation, assessment coordination, and ongoing control effectiveness monitoring.
- Oversee SCAP compliance checks and STIG application activities.
- Coordinate ACAS vulnerability scanning, reporting, and remediation tracking.
Continuous Monitoring and ATO Sustainment:
- Manage continuous monitoring workflows aligned with FISMA and VA ATO sustainment requirements.
- Ensure security posture is maintained through regular assessments, scans, and evidence collection.
eMASS Documentation and POA&M Management:
- Oversee eMASS control package documentation, updates, and submissions.
- Manage POA&M development, tracking, and remediation coordination.
Vulnerability Management and Remediation Coordination:
- Review ACAS and Nessus/Tenable scan outputs.
- Coordinate remediation activities across technical teams and track resolution status.
- Ensure vulnerabilities are prioritized and addressed in accordance with VA policies.
Host and Platform Security Monitoring:
- Oversee host-based security monitoring using HBSS/ESS.
- Ensure audit log retention and review requirements are met across Oracle DB, Oracle WebLogic, and Kubernetes container platforms.
Access Control and Privilege Management:
- Ensure privilege and access controls align with VA baseline standards.
- Oversee review and validation of role assignments and access enforcement.
Reporting and Evidence Collection:
- Prepare and review security and compliance reports for VA stakeholders.
- Ensure accurate evidence collection to support audits, assessments, and ATO sustainment.
Cross-Team Coordination and Leadership:
- Provide guidance and direction to delivery teams on security and compliance expectations.
- Serve as the primary point of coordination between engineering teams, compliance staff, and VA security stakeholders.
Compensation and Benefits:
At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer-paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.
Veterans First Commitment:
As a Service-Disabled Veteran-Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.
Commitment to Diversity:
NDi is an Equal Opportunity Employer. We are committed to creating a diverse environment and are proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran or military status, citizenship, national origin, or any other basis prohibited by law in all phases of the employment process and compliance with applicable federal, state, and local laws and regulations. As a federal government contractor, NDi complies with all applicable affirmative action requirements.
Apply Now:
Take advantage of this unique opportunity to join one of the fastest-growing companies in Federal contracting!